Vulnerability CVE-2021-26855


Published: 2021-03-03

Description:
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.

See advisories in our WLB2 database:
Topic
Author
Date
High
Microsoft Exchange ProxyLogon Remote Code Execution
Orange Tsai
24.03.2021
High
Microsoft Exchange 2019 Unauthenticated Email Download (Metasploit)
RAMELLA Sébasti...
21.05.2021
Med.
Microsoft Exchange ProxyLogon Collector
Ramella Sebastie...
23.05.2021
High
Microsoft Exchange 2019 Unauthenticated Email Download
Gonzalo Villegas...
26.07.2021

Type:

NVD-CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Microsoft -> Exchange server 

 References:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855

Copyright 2024, cxsecurity.com

 

Back to Top